* Posts by Morten Bjoernsvik

231 posts • joined 7 Mar 2008

Page:

It wasn't just a few credit cards: Entire travel itineraries were stolen by hackers, Easyjet now tells victims

Morten Bjoernsvik

Re: Is hacking too easy?

>What technology do the police use for accessing criminal records?

I Norway we have centralized login: http://www.idporten.no/ where there are 3 different providers and 6 different 2FA ways to authenticate. This login-service is used to access any official records by customers and internals alike. It covers usb-sticks, smartcards and login tokens and soon yubikey fido2 devices. Its govern by an own governmental directorate https://www.difi.no/

Soon a service that scans your passport will come alive. It will take you from zero legitimation level to top in one go. Making the onboarding fully digital and much faster.

Each provider need a lot of independent backend services from various other providers, so it means compromising one wont compromising the entire chain.

The end really is nigh – for 32-bit Windows 10 on new PCs

Morten Bjoernsvik

Re: Amazed it took them this long

"FF has become such a PIG"

Blame it on Rust, the clue to its speed is to do clever mallocs which requires memory:

https://www.reddit.com/r/rust/comments/9m2dwo/noob_question_why_are_rust_binaries_so_big/

UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal

Morten Bjoernsvik

Re: Almost?

>Norway has a centralized model:

Currently Norway is under a state of emergency, where the goverment has taken control of the parlament (Stortinget). This app is a good example of this. It was given to a governmental owned consulting firm Simula without any competition (£4mill, around 30% of their total yearly budget). It is a very simple app just collect movement data and drain the battery and deliver it to a central mainframe for data-science digging. But the GDPR part is sketchy and many security analysts recommend not installing it, the police wont use it and it is voluntarily: So just another pointless action by the government to show decisive action in their finest hour:

https://www.newsinenglish.no/2020/04/17/debate-flies-over-virus-tracking-app/

Python 2 bows out after epic transition. And there was much applause because you've all moved to version 3, right? Uh, right?

Morten Bjoernsvik

Re: lol

>My solution to MANY of the problems it CAUSED by Django (and bad python code)

>was to write C language utilities to do REAL work with reasonable performance,

Django the swiss army knife of python.

Mayday! Mayday! The next Windows 10 update is finally on approach to a PC near you

Morten Bjoernsvik

Ulyana is comming

With every fast ring insider release of windows I hope for upgrades of some of the worst part of windows, the server tools I'm forced to use that give me a bad mood everytime I use it.

The best thing with windows upgrades is that powershell seem to be more and more used. powershell relieves me from using cmd.exe, server-manager, DISM, Event-Viewer,Task-Scheduler, MMC.exe, RSAT, ADUC and all the other terrible MMC.exe "Strap on" GUI management tools they released pre win2008 and never bothered to upgrade.

Pottering's systemd compared to windows wininit is utterly genius. I've never seen anything interesting in event-viewer. I can have 100GB of just start and stop events, telling me nothing, and you can't turn the shit off. Errors a one liner with an error code.

You can ssh into a windows and use a powershell shell giving you almost the same capabilities than using ssh into a linux server. I'm hoping one day I can ssh into a windows and get the windows bash shell(WSL2) with the same capabilties. We use cygwin ssh into a dedicated local admin running cygrun on all windows server mainly because most sysadmin and automation guys know bash better than powershell.

I'm pretty sure many companies that make windows admin software pays M$ a lot of their revenue just to make sure they never updates their crap.

Ulyana is the new Mint20 wrapper onto Ubuntu 20.04LTS coming 23rd of April. Far more interesting.

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?

Morten Bjoernsvik

Do we need an app?

Do not google and apple already have all this data, they just need to increase sampling rate and then crunch out for each phone.

I can find my positions pretty good with https://www.google.com/maps/timeline, Apple probably have the same. let them identify the infected and then crunch numbers to find persons who have been in close range.

Out with the old and in with the new as Java 14 arrives, bringing with it first Project Panama enhancements

Morten Bjoernsvik

Great IntelliJ salespitch

I looked at the blog post but did not understand a thing until I ran the gifs. If you are a java developer you'll be lost without the help from intelliJs intellisense. I see the same when I drabble in java using the VSC redhat java plugin and ask my coworkers for help, they often says I just do this in IntelliJ. But this says a lot about the language, way to much sugarcoating, I still finish code faster with python in VSC than java in intelliJ.

Morten Bjoernsvik

Re: Take that!

>362: Deprecate the Solaris and SPARC Ports

>>Ha, those folks at Oracle are really screwing over the ... other people at Oracle.

There is no one left to screw. Those folks are long gone.

Microsoft's GitHub absorbs NPM into its code-hosting empire: JavaScript library vault used by 12 million devs now under Redmond's roof

Morten Bjoernsvik

Nobody wants to pay for a package manager

This was bound to happen, nobody wanted to pay $7/month per user for a "professional" version, so when venture money was gone, selling user data would be the only option left. I bet we'll see some azure-npm-github-linkedin synergies in selling your userdata.

Microsoft frees Windows Subsystem for Linux 2 from the shackles of, er, Windows?

Morten Bjoernsvik

Re: WSL versus running Linux in a VM

A third option windows docker host with linux guests. (docker requires hyperv).

wsl does not support sbus and services and filesystem write is painfully slow.

How does Monzo keep 1,600 microservices spinning? Go, clean code, and a strong team

Morten Bjoernsvik

Re: You don't need to know how 1,600 services work

REST Microservices scales linearly horizontal and vertical, even if they are way slower than IPC and direct sockets, you can scale them on 10x of pods. Build in some service and probe endpoints and you practically have a self healing infrastructure as long as you have a backend database that scale.

More than a billion hopelessly vulnerable Android gizmos in the wild that no longer receive security updates – research

Morten Bjoernsvik

Re: And in comparison...

> that means at least 6 years of being vulnerable.

Commodo Usertrust expires in may2020, it means that any android older and equal to 5.1 will not work on sites using ssl certs issued by this root CA. You can install it manually, but that will be outside the knowledge of 90% of the userbase. Usually google updates androids cert trust when root CAs expire. Luckily most root Cas have a validation of 10 years.

https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l00000117LT

My Employer had a root CA that expired in 2015 and it meant all androids less of 4.2 would have to install it manually to use our apps and our webpages.

If you can get an updated firefox it may work because they maintain their own root cert store.

You can look up the source for the cert store here:

https://android.googlesource.com/platform/system/ca-certificates/+/master/files/

Stop us if you've heard this one before: HP Inc rejects Xerox's $36.5bn buyout plan as takeover saga drags on

Morten Bjoernsvik

Re: Strategy Option?

>Wouldn't they be better off offering the market say upto $30 a share until they've acquired another >36-37% and gained the controlling interest?

Icahn does not have that money, He has some strange idea that Xerox is undervalued and HP overvalued and synergies will make profits soars and finding their "optimal" performance. He's betting the HP board will agree. As always the losers will be HP and Xerox Workforce with massive layoffs and the winner will be the Wall street bankers financing this Utopia.

Built to last: Time to dispose of the disposable, unrepairable brick

Morten Bjoernsvik

Re: Reduce, re-used, recycle

I replaced my old "coal burning" i7 2700 homeserver with a rasberry pie4B, it uses around 40W with an 256GB SD card, I have a nuk like casing with a large slow running fan and more than enough to run mediawiki, gogs, ssh and sftp server in a single user mode. I have the sdcard backed up each night via cloud backup, and a simple program that can write it back into another sdcard it if fails. Like it has a tendency to do once in a year.

Steve Jobs, executives shot down top Apple engineers' plea to design their own server CPU – latest twist in legal battle over chip upstart Nuvia

Morten Bjoernsvik

Re: CPUs? Apple stopped making servers even though there was a demand

>There probably isn't a huge benefit to using their own CPUs for their cloud

Apple have the biggest coffin in the world, around $400Billion they do not know what to do with.

Building a server CPU and a kick ass apple server they can do just to keep the talent happy.

Xerox names the 11 directors it hopes will oust most of HP's board and put $33bn hostile takeover to shareholders

Morten Bjoernsvik

Gordon Gekko takeover

XRX market cap ~8Bill$ with major stockholder finance rebel Carl Icahn 83 years and Trump Buddie wants to buy HPQ with a market cap ~32Bill. Just supporting this Financial Ratatouille will drain all the earnings of both companies for years to come. No wonder HPQ are so hostile.

Microsoft emits long-term support .NET Core 3.1, Visual Studio 16.4

Morten Bjoernsvik

You can use visual studio code

>Visual Studio 2019 16.4 is necessary for using .NET Core 3.1.

runs fine with full intellisense under VSC and on linux.

Morten Bjoernsvik

Re: Proof in the pudding

perlscripts I wrote 15 years ago, still work, but python stuff I wrote 5 years ago do not. But current python with pathlib and subprocess properly written works everywhere.

We, Wall, we, Wall, Raku: Perl creator blesses new name for version 6 of text-wrangling lingo

Morten Bjoernsvik

Re: Finally

Moving from python2 to python3 is not that hard, if you can upgrade python2 to get all the backported python3 features it is mainly the utf-8 and byte issue left. We were lucky most of our modules had been upgraded as well.

Going from perl5 to perl6 is a different ballgame, there are very few packages for perl6 compared to cpan, so You need to rewrite everything from scratch. Far more easier to move it all to a more widely used language where modules exists. recently it is requirements to do security scanning of code repos. pypi and maven is supported everywhere. I would not been able to get a perl6 program out in production.

I follow the https://perlweeklychallenge.org/, solving problems using the core language is what perl6 is great at. I do not have time to write up all my legacy of modules and tools I need to meet my deadlines.

Flak overflow: Barrage of criticism prompts very public Stack Overflow apology

Morten Bjoernsvik

Re: This is all very fine, except for one thing.

Do the moderators get any money for this, or is this all internet economy voluntarily work.

Cosmo Communicator: More phone than the Gemini, more pocket computer than phone

Morten Bjoernsvik

why not bt keyboard

If they released a Psion look and feel BT keyboard I'm in. Currently I use a plain logitech BT keyboard with my android, works great, but not very portable.

Oracle demands $12K from network biz that doesn't use its software

Morten Bjoernsvik

Re: Glad Oracle did this..

>If your desktop is Windows (which I doubt) then it's also a free option to enable.

You need a windows 10 pro or windows server license to use hyper-v. The only way to get it for free is to run win10 fast ring, It updates so fast the license is never activated. But you are then at the mercy of beta testing new versions, I had an issue where v8 vms was automatically upgraded to v9, and it could no longer be used anywhere else. There is also on cut and paste bug with gfx console that drives me nuts. (cut and paste not supported, need to use ssh).

For real this time, get your butt off Python 2: No updates, no nothing after 1 January 2020

Morten Bjoernsvik

Re: Nothing new...

>It's not well-suited - it's slow at computation and basic string processing and heavily relies on libraries >to keep up appearances.

Python has also very easy bindings to C via Cython, We had a string splicing bottleneck. Since strings in python are immutable, splicing in larger strings are something you should avoid, but the code existed, it was easier just to rewrite the module calls in C using char pointers and the speedup was around 30X.

Can't bear to part with that well-worn copy of Windows 7? Microsoft might let you keep it updated an extra year

Morten Bjoernsvik

Re: The cost of Win10 is far too high.

If you join M$'s windows insider program and choose the fast ring, you do not need a license. the OS is atleast updated every week so the trial license never expire. I've had some crashes, and WSL was out for a week due to a bug.

Morten Bjoernsvik

Re: "things have moved on, like it or not"

You can get them without OS. and buy a key on ebay for $5. Or install Mate for free :-).

There once was a biz called Bitbucket, that told Mercurial to suck it. Now devs are dejected, their code soon ejected

Morten Bjoernsvik

windows sexy?

I think the new windows terminal and wsl2 is quite sexy

https://www.youtube.com/watch?v=8gw0rXPMMPE

If your workplace is all windows, you can install wsl2 and do all stuff in linux and still run those pesky windows applications you are forced to use.

The old wsl was dead slow and had poor filesystem support (all RWX), no sbus, no services, but it was still better than cygwin. wsl2 is a hyper-v virtualized ubuntu 18.04 with a nice windows terminal.

Morten Bjoernsvik

Re: I miss CVS

and I miss RCS, ci,co,rcsdiff so easy as single user, but a pain to collaborate in.

Morten Bjoernsvik

Re: One good thing about git is the tools for fixing mess-ups

And all people only knowing git via the IDE. having a hard time fixing stuff from the command line.

City-obliterating asteroid screamed past Earth the other night – and boffins only clocked it just 26 hours beforehand

Morten Bjoernsvik

Re: It does mean we're getting a _little_ better at spotting them.

From the first observations and the velocity they should be able to predict that the orbit was very close to earth.

Rust in peace: Memory bugs in C and C++ code cause security issues so Microsoft is considering alternatives once again

Morten Bjoernsvik

Re: Eh?

Chris Sawyer programmed Rollercoaster Tycoon 2 in 2002 in MS Macro Assembler V6 *

But hand written assembler is far more readable than what my latest GCC spits out at -O3

Wonderful game by a programmer Genius.

*https://www.quora.com/Why-was-Roller-Coaster-Tycoon-written-in-assembly

Firefox Preview for Android: Mozilla has another go at a mobile browser

Morten Bjoernsvik

Re: MS

M$ rationale was giving up playing catch up with chrome on experimental features not yet accepted by the W3C, while being used on sites like youtube.

A single renderer now having close to 100%. This is like we all should use the same compiler.

We should all back Firefox: https://donate.mozilla.org

It's a fullblown Crysis: Gamers press pause on PC purchases, shipments freeze

Morten Bjoernsvik

Re: Mature Product

If you buy your gear in parts, as most of my mates do, you are not part of this statistics?

Out of Steam? Wine draining away? Ubuntu's 64-bit-only x86 decision is causing migraines

Morten Bjoernsvik

Mint

95% of Mint is Ubuntu, it is just some fluff on the top, But as long at it is an LTS it will live for long.

Dev darling Docker embraces Windows Subsystem for Linux 2

Morten Bjoernsvik

Re: Develop with Visual Studio for linux? Thanks, I'll pass.

The article mentions Visual Studio Code, it is not Visual Studio, but its Rebel little sister written in typescript and running just as well on linux as on windows (the project with most stars on github). It has an excellent plugin system and cli interface. It uses intellisense and language server tech compatible with Visual Studio. I use WSL (or bash on windows as it is also called) as default.

Who bought the most powerful commercial supercomputer? Come on, it's Total-ly obvious

Morten Bjoernsvik

Re: Supercomputers are VERY MUCH needed for AI

Please do not Alice and Bob this, there are other needs of a supercomputer.

Meet the new Dropbox: It's like the old Dropbox, but more expensive, and not everyone's thrilled

Morten Bjoernsvik

Re: Your numbers are rather high

I use https://github.com/gogs/gogs on an rasberry pie with an apache proxy and lets encrypt. 7w with usb 1TB ssd drive. totally silent. It is only for wiki, code and documents. but it works on any device. My only complain is that searching when you get a lot of repos is almost non existant in gogs. But it is easy to rsync and replicate elsewhere on anything that runs linux in a few minutes.

Salesforce shells out $15.7bn for data viz biz Tableau

Morten Bjoernsvik

Re: Overpriced

And you can get jypyter + mathplotlib + numpy + pandas for free.

Boeing admits 737 Max sims didn't accurately reproduce what flying without MCAS was like

Morten Bjoernsvik

737MAX will be safe

This will be the safest plane ever once AOA has completed the re-certification.

Certifying a new passenger aircrafts take years. No cutting corners this time.

Wont be flying before 2020.

Karma chameleon: Reg hack takes SUSE mascot plushy right in the kisser

Morten Bjoernsvik

Too much cuddling

Before docker I used Suses excellent OBS to build rpms, But now we just build containers and push them to private Nexus docker repo.

Before ubuntu 1404 I was a fan of OpenSuse/Suse Enterprise, haven't touched Suse since. I used to wear a green openSuse hoodie.

I had to start a vm a few months ago with OpenSuse Leap 2014/2015 something. It was not a happy reunion.

Are you sure you've got a floppy disk stuck in the drive? Or is it 100 lodged in the chassis?

Morten Bjoernsvik

Commodore 1541 floppy drive singing

My first encounter with floppies was the CBM1541 5.25in.

You could program the driver head, up and down, The faster the higher frequency pitch.

The drive worked fine, but it is was a floppy in it it got scratched.

https://www.youtube.com/watch?v=E_cgvn5Vq6g

If at first you don't succeed, you may be trying to install that Slow Ring Windows 10 build

Morten Bjoernsvik

Win10 fast ring crashed improved my software

In october the fast ring WSL(window subsystem for linux) failed and forced me to convert all my pythonscripts to comply with powershell. I have a shell loader module that check environment variables and prepare the script for what environment to run them in adding powershell.exe in front of any python job. Took me about two days with unittests. When WSL was back next week, I didn't bother going back because linux is very well covered with tests on an ubuntu system running jenkins in docker.

If Your software can cope with some crashes and lost files, You should take the opportunity to improve when they happens.

The D in SystemD stands for Dammmit... Security holes found in much-adored Linux toolkit

Morten Bjoernsvik

Re: To all professional sysadmins here

>Some of us, have enough real work (TM) to justify our ongoing existence.

Like porting python software to windows. I much rather do SystemD than service wrappers which needs a hack like nssm.exe, or navigating around with event logger. If there was SystemD on windows it would be a great improvement.

Happy new year, readers. Yes, we have threaded comments, an image-lite mode, and more...

Morten Bjoernsvik

Re: Width

collapse + expand buttons for nested comments would be great :-)

What happens when a Royal Navy warship sees a NATO task force headed straight for it? A crash course in Morse

Morten Bjoernsvik

Re: NATO task force can't read Morse code?

But they are way better than our navy officers:

https://medium.com/@cargun/radar-images-audio-log-of-knm-helge-ingstad-frigate-sola-ts-oil-tanker-collision-a71e3f516b54

Norwegian journalist, military expert and political analyst Helge Lurås has suggested that the dramatic incident is closely related to the proportion of women in the Norwegian Armed Forces:

https://www.theweek.in/news/world/2018/11/20/norwegian-warship-accident-raises-questions-on-women-in-armed-fo.html

It all boils down to officers leaving untrained freshmen in charge. Quite common out in open sea far up north where there is almost impossible to hit anything, but inshore close to an oil terminal it is utterly suicide.

Staff sacked after security sees 'suspect surfer' script of shame

Morten Bjoernsvik

proxy managing

Back in last decade I set up a proxy service to ease the cost on our frame relay. but this proxy service came with extensive logging and grouping of service. Turned out more than 30% was web pages categorized as having "adult content".

Why millions of Brits' mobile phones were knackered on Thursday: An expired Ericsson software certificate

Morten Bjoernsvik

Re: Note to self ..

use LetsEncrypt and Certbot

What now, Larry? AWS boss insists Amazon will have dumped Oracle database by end of 2019

Morten Bjoernsvik

Oracle has very goog technology for large corporations

I do not support they arrogant treatment of customers and out of this world pricey licensing, but for large customers like Amazon. Oracle might be the sweetspot:

I once knew a DBA that single-handedly managed 425 oracle databases on 2 exadatas, with full redundancy and rollback, rollforward and multitiered backup in seconds on mirrored raid. I've never been given so good support. And we had to support oracle instead of mysql beacause to the cost of having a mysql dba and percona support was higher than using a better SLA with exadata.

It's a patch bonanza as Microsoft showers its OS platforms with update love

Morten Bjoernsvik

run windows insider preview edition instead

and you get a lot of other problems, last month wsl failed to start, new version of hyper-v making all my vms unbootable, had to upgrade them to v9, but then you cant go back. bluetooth driver suddenly failing. I rather put my precious stuff in containers running on debian or ubuntu.

The best way to screw the competition? Do what they can't, in a fraction of the time

Morten Bjoernsvik

Datawarehouse

Once I did fraud software service. We got a call from a bank on friday at 4pm. It had been a breach at an online merchant and they wanted to know all their customers that had used their cards there the last 6months. They asked their large datawarehouse/Mainframe dept to do the query, but they said they did not have time until monday. So their called us a small Fraud app service provider. The query took 30minutes (simple on merchantid within the given timeframe for the banks issuer binranges). I charged 2hours and they could reissue cards for all affected users before 8pm. On monday there was a cake in the reception with "Thanks from XXXX".

Our brave El Reg vulture sat through four days of Oracle OpenWorld to write this cracking summary just for you

Morten Bjoernsvik

More competition please

We're using Azure standard and basic tiers, and their CPU/Disk/IO/Mem allocations seem to 'optimize' with each new version. Resulting in apps taking longer and longer to start. On my laptop logstash takes 35sec to start (I7 4600), in azure on standard tiers it takes 5minutes.

Probably wants us to pay more for better tiers. Some wants to take it back inhouse. So I hope for Oracle/Dell/HP to get their clouds into shape. We need more competition. If you buy an Oracle license you get free servers in their cloud. They cant sell it, they can only give it away.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020